The FISA resulted from extensive investigations by Senate Committees into the legality of domestic intelligence activities. These investigations were led separately by Sam Ervin and Frank Church in 1978 as a response to President Richard Nixon’s usage of federal resources to spy on political and activist groups.[4] The act was created to provide judicial and congressional oversight of the government's covert surveillance activities of foreign entities and individuals in the United States, while maintaining the secrecy needed to protect national security. It allowed surveillance, without court order, within the United States for up to one year unless the "surveillance will acquire the contents of any communication to which a United States person is a party". If a United States person is involved, judicial authorization was required within 72 hours after surveillance begins.

For most purposes, including electronic surveillance and physical searches, "foreign powers" means a foreign government, any faction(s) or foreign governments not substantially composed of U.S. persons, and any entity directed or controlled by a foreign government. §§1801(a)(1)-(3) The definition also includes groups engaged in international terrorism and foreign political organizations. §§1801(a)(4) and (5). The sections of FISA authorizing electronic surveillance and physical searches without a court order specifically exclude their application to groups engaged in international terrorism. See §1802(a)(1) (referring specifically to §1801(a)(1), (2), and (3)).

The statute includes limits on how it may be applied to U.S. persons. A "U.S. person" includes citizens, lawfully admitted permanent resident aliens, and corporations incorporated in the United States.

The code defines "foreign intelligence information" to mean information necessary to protect the United States against actual or potential grave attack, sabotage or international terrorism.[7]

In sum, a significant purpose of the electronic surveillance must be to obtain intelligence in the United States on foreign powers (such as enemy agents or spies) or individuals connected to international terrorist groups. To use FISA, the government must show probable cause that the “target of the surveillance is a foreign power or agent of a foreign power.”[1][8]

The Act created a court which meets in secret, and approves or denies requests for search warrants. Only the number of warrants applied for, issued and denied, is reported. In 1980 (the first full year after its inception), it approved 322 warrants.[9] This number has steadily grown to 2,224 warrants in 2006.[10] In the period 1979–2006, a total of 22,990 applications for warrants were made to the Court of which 22,985 were approved (sometimes with modifications; or with the splitting up, or combining together, of warrants for legal purposes), and only 5 were definitively rejected.[11]

The President may authorize, through the Attorney General, electronic surveillance without a court order for the period of one year provided it is only for foreign intelligence information;[7] targeting foreign powers as defined by 50 U.S.C.§ 1801(a)(1),(2),(3)[12] in certain conditions; and there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party.[13]

Since 50 U.S.C.§ 1802(a)(1)(A) of this Act specifically limits warrantless surveillance to foreign powers as defined by 50 U.S.C. §1801(a) (1),(2), (3) and omits the definitions contained in 50 U.S.C. §1801(a) (4),(5),(6) the act does not authorize the use of warrantless surveillance on: groups engaged in international terrorism or activities in preparation therefore; foreign-based political organizations, not substantially composed of United States persons; or entities that are directed and controlled by a foreign government or governments.[16] Under the FISA act, anyone who engages in electronic surveillance except as authorized by statute is subject to both criminal penalties[17] and civil liabilities.[18]

Under 50 U.S.C. § 1811, the President may also authorize warrantless surveillance at the beginning of a war. Specifically, he may authorize such surveillance "for a period not to exceed fifteen calendar days following a declaration of war by the Congress".[19]

Alternatively, the government may seek a court order permitting the surveillance using the FISA court.[20] Approval of a FISA application requires the court find probable cause that the target of the surveillance be a "foreign power" or an "agent of a foreign power", and that the places at which surveillance is requested is used or will be used by that foreign power or its agent. In addition, the court must find that the proposed surveillance meet certain "minimization requirements" for information pertaining to U.S. persons.[21] Depending on the type of surveillance, approved orders or extensions of orders may be active for 90 days, 120 days, or a year.[22]

In addition to electronic surveillance, FISA permits the "physical search" of the "premises, information, material, or property used exclusively by" a foreign power. The requirements and procedures are nearly identical to those for electronic surveillance.

Proceedings before the FISA court are ex parte and non-adversarial. The court hears evidence presented solely by the Department of Justice. There is no provision for a release of information regarding such hearings, or for the record of information actually collected.

Both the subchapters covering physical searches and electronic surveillance provide for criminal and civil liability for violations of FISA.

Criminal sanctions follows violations of electronic surveillance by intentionally engaging in electronic surveillance under the color of law or through disclosing information known to have been obtained through unauthorized surveillance. The penalties for either act are fines up to US$10,000, up to five years in jail, or both.[17]

In addition, the statute creates a cause of action for private individuals whose communications were unlawfully monitored. The statute permits actual damages of not less than $1,000 or $100 per day. In addition, that statute authorizes punitive damages and an award of attorney's fees.[18] Similar liability is found under the subchapter pertaining to physical searches. In both cases, the statute creates an affirmative defense for law enforcement personnel acting within their official duties and pursuant to a valid court order. Presumably, such a defense is not available to those operating exclusively under presidential authorization.

In 2004, FISA was amended to include a "lone wolf" provision. 50 U.S.C.§ 1801(b)(1)(C). A "lone wolf" is a non-U.S. person who engages in or prepares for international terrorism. The provision amended the definition of "foreign power" to permit the FISA courts to issue surveillance and physical search orders without having to find a connection between the "lone wolf" and a foreign government or terrorist group. However, "if the court authorizes such a surveillance or physical search using this new definition of 'agent of a foreign power', the FISC judge has to find, in pertinent part, that, based upon the information provided by the applicant for the order, the target had engaged in or was engaging in international terrorism or activities in preparation therefor".[23]

In the time immediately preceding FISA, a number of courts squarely addressed the issue of "warrantless wiretaps". In both United States v. Brown, 484 F.2d 418 (5th Cir. 1973), and United States v. Butenko, 494 F.2d 593 (3rd Cir. 1974), the courts upheld warrantless wiretaps. In Brown, a U.S. citizen's conversation was captured by a wiretap authorized by the Attorney General for foreign intelligence purposes. In Butenko, the court held a wiretap valid if the primary purpose was for gathering foreign intelligence information.

A plurality opinion in Zweibon v. Mitchell, 516 F.2d 594 (D.C. Cir. 1975), held that a warrant was required for the domestic surveillance of a domestic organization. In this case, the court found that the domestic organization was not a "foreign power or their agent", and "absent exigent circumstances, all warrantless electronic surveillance is unreasonable and therefore unconstitutional."

There have been very few cases involving the constitutionality of FISA. In two lower court decisions, the courts found FISA constitutional. In the United States v. Duggan, the defendants were members of the Irish Republican Army. 743 F.2d 59 (2nd Cir., 1984). They were convicted for various violations regarding the shipment of explosives and firearms. The court held that there were compelling considerations of national security in the distinction between the treatment of U.S. citizens and non-resident aliens.

However, in a third case, the special review court for FISA, the equivalent of a Circuit Court of Appeals, opined differently should FISA limit the President's inherent authority for warrantless searches in the foreign intelligence area. In In re Sealed Case, 310 F.3d 717, 742 (Foreign Intel. Surv. Ct. of Rev. 2002) the special court stated “[A]ll the other courts to have decided the issue [have] held that the President did have inherent authority to conduct warrantless searches to obtain foreign intelligence information . . . . We take for granted that the President does have that authority and, assuming that is so, FISA could not encroach on the President's constitutional power.”

John R. Schmidt, associate attorney general (1994–1997) in the Justice Department under President Bill Clinton, expressed a need for programmatic approval of technology-enabled surveillance programs.[28] He recalled early arguments made by then-Attorney General Edward Levi to the Church Committee that foreign intelligence surveillance legislation should include provisions for programmatically authorizing surveillance programs because of the particular needs of foreign intelligence where "virtually continuous surveillance, which by its nature does not have specifically predetermined targets" may be required. In these situations, "the efficiency of a warrant requirement would be minimal."

In a 2006 opinion, Judge Richard Posner wrote that FISA "retains value as a framework for monitoring the communications of known terrorists, but it is hopeless as a framework for detecting terrorists. [FISA] requires that surveillance be conducted pursuant to warrants based on probable cause to believe that the target of surveillance is a terrorist, when the desperate need is to find out who is a terrorist."[29]

All three competing bills were the subject of Judiciary Committee hearings throughout the summer.[35] On September 13, 2006, the Senate Judiciary Committee voted to approve all three mutually exclusive bills, thus, leaving it to the full Senate to resolve.[36]

On July 18, 2006, U.S. Representative Heather Wilson (R-NM) introduced the Electronic Surveillance Modernization Act (H.R. 5825). Wilson's bill would give the President the authority to authorize electronic surveillance of international phone calls and e-mail linked specifically to identified terrorist groups immediately following or in anticipation of an armed or terrorist attack on the United States. Surveillance beyond the initial authorized period would require a FISA warrant or a presidential certification to Congress. On September 28, 2006, the House of Representatives passed Wilson's bill and it was referred to the Senate.[37]

On July 28, 2007, President Bush called on Congress to pass legislation to reform the FISA in order to ease restrictions on surveillance of terrorist suspects where one party (or both parties) to the communication are located overseas. He asked that Congress pass the legislation before its August 2007 recess. On August 3, 2007, the Senate passed a Republican-sponsored version of FISA (S. 1927) in a vote of 60 to 28. The House followed by passing the bill, 227–183. The Protect America Act of 2007 (Pub.L. 110–55, S. 1927) was then signed into law by George W. Bush on 2007-08-05.[38]

Under the Protect America Act of 2007, communications that begin or end in a foreign country may be wiretapped by the U.S. government without supervision by the FISA Court. The Act removes from the definition of "electronic surveillance" in FISA any surveillance directed at a person reasonably believed to be located outside the United States. As such, surveillance of these communications no longer requires a government application to, and order issuing from, the FISA Court.

The Act provides procedures for the government to "certify" the legality of an acquisition program, for the government to issue directives to providers to provide data or assistance under a particular program, and for the government and recipient of a directive to seek from the FISA Court, respectively, an order to compel provider compliance or relief from an unlawful directive. Providers receive costs and full immunity from civil suits for compliance with any directives issued pursuant to the Act.

A summary of key provisions follows. The Act empowers the Attorney General or Director of National Intelligence ("DNI") to authorize, for up to one year, the acquisition of communications concerning "persons reasonably believed to be outside the United States" if the Attorney General and DNI determine that each of five criteria has been met:

There are reasonable procedures in place for determining that the acquisition concerns persons reasonably believed to be located outside the United States;

The acquisition does not constitute electronic surveillance (meaning it does not involve solely domestic communications);

The acquisition involves obtaining the communications data from or with the assistance of a communications service provider who has access to communications;

A significant purpose of the acquisition is to obtain foreign intelligence information; and

Minimization procedures outlined in the FISA will be used.

This determination by the Attorney General and DNI must be certified in writing, under oath, and supported by appropriate affidavit(s). If immediate action by the government is required and time does not permit the preparation of a certification, the Attorney General or DNI can direct the acquisition orally, with a certification to follow within 72 hours. The certification is then filed with the FISA Court.

Once the certification is filed with the FISA Court, the Attorney General or DNI can direct a provider to undertake or assist in the undertaking of the acquisition.

If a provider fails to comply with a directive issued by the Attorney General or DNI, the Attorney General may seek an order from the FISA Court compelling compliance with the directive. Failure to obey an order of the FISA Court may be punished as a contempt of court.

Likewise, a person receiving a directive may challenge the legality of that directive by filing a petition with the FISA Court. An initial review must be conducted within 48 hours of the filing to determine whether the petition is frivolous, and a final determination concerning any non-frivolous petitions must be made – in writing – within 72 hours of receipt of the petition.

Determinations of the FISA Court may be appealed to the Foreign Intelligence Court of Appeals, and a petition for a writ of certiorari of a decision from the FICA can be made to the U.S. Supreme Court.

All petitions must be filed under seal.

The Act allows providers to be compensated, at the prevailing rate, for providing assistance as directed by the Attorney General or DNI.

The Act provides explicit immunity from civil suit in any federal or state court for providing any information, facilities, or assistance in accordance with a directive under the Act.

Within 120 days, the Attorney General must submit to the FISA Court for its approval the procedures by which the government will determine that acquisitions authorized by the Act conform with the Act and do not involve purely domestic communications. The FISA Court then will determine whether the procedures comply with the Act. The FISA Court thereafter will enter an order either approving the procedures or directing the government to submit new procedures within 30 days or cease any acquisitions under the government procedures. The government may appeal a ruling of the FISA Court to the FICA and ultimately the Supreme Court.

On a semiannual basis, the Attorney General shall inform the Intelligence and Judiciary Committees of the House and Senate of incidents of noncompliance with a directive issued by the Attorney General or the DNI, incidents of noncompliance with FISA Court-approved procedures by the Intelligence Community, and the number of certifications and directives issued during the reporting period.

The amendments to FISA made by the Act expire 180 days after enactment, except that any order in effect on the date of enactment remains in effect until the date of expiration of such order and such orders can be reauthorized by the FISA Court.”[39] The Act expired on February 17, 2008.

Legal experts experienced in national security issues are divided on how broadly the new law could be interpreted or applied. Some believe that due to subtle changes in the definitions of terms such as "electronic surveillance", it could empower the government to conduct warrantless physical searches and even seizures of communications and computer devices and their data which belong to U.S. citizens while they are in the United States, if the government contended that those searches and potential seizures were related to its surveillance of parties outside the United States. Intelligence officials, while declining to comment directly on such possibilities, respond that such interpretations are overly broad readings of the act, and unlikely to actually occur.

Also on September 10, DNI Mike McConnell testified before the Senate Committee on Homeland Security and Governmental Affairs that the Protect America Act had helped foil a major terror plot in Germany. U.S. intelligence-community officials questioned the accuracy of McConnell's testimony and urged his office to correct it, which he did in a statement issued September 12, 2007. Critics cited the incident as an example of the Bush administration's exaggerated claims and contradictory statements about surveillance activities. Counterterrorism officials familiar with the background of McConnell's testimony said they did not believe he made inaccurate statements intentionally as part of any strategy by the administration to persuade Congress to make the new eavesdropping law permanent. Those officials said they believed McConnell gave the wrong answer because he was overwhelmed with information and merely mixed up his facts.[41]

Speaking at National Security Agency headquarters in Fort Meade, Maryland on September 19, 2007, President George W. Bush urged Congress to make the provisions of the Protect America Act permanent. Bush also called for retroactive immunity for telecommunications companies who had cooperated with government surveillance efforts, saying, "It's particularly important for Congress to provide meaningful liability protection to those companies now facing multibillion-dollar lawsuits only because they are believed to have assisted in efforts to defend our nation, following the 9/11 attacks".[42]

On October 4, 2007, the bipartisan Liberty and Security Committee of the Constitution Project, co-chaired by David Keene and David D. Cole, issued its "Statement on the Protect America Act".[43] The Statement urged Congress not to reauthorize the PAA, saying the language of the bill "runs contrary to the tripartite balance of power the Framers envisioned for our constitutional democracy, and poses a serious threat to the very notion of government of the people, by the people and for the people". Some in the legal community have questioned the constitutionality of any legislation that would retroactively immunize telecommunications firms alleged to have cooperated with the government from civil liability for having potentially violated their customers' privacy rights.[44]

In an article appearing in the January/February 2008 issue of the Institute of Electrical and Electronics Engineers journal of Security and Privacy, noted technology experts from academia and the computing industry found significant flaws in the technical implementation of the Protect America Act which they said created serious security risks, including the danger that such a surveillance system could be exploited by unauthorized users, criminally misused by trusted insiders, or abused by the government.[45]

On October 7, 2007, the Washington Post reported that House Democrats planned to introduce alternative legislation which would provide for one-year "umbrella" warrants, and would require the Justice Department inspector general to audit the use of those warrants and issue quarterly reports to a special FISA court and to Congress. The proposed bill would not include immunity for telecommunications firms facing lawsuits in connection with the administration's NSA warrantless surveillance program. House Democrats said that as long as the administration withholds requested documents explaining the basis for the program that they cannot consider immunity for firms alleged to have facilitated it.[46] On October 10, 2007 comments on the White House South Lawn, President Bush said he would not sign any bill that did not provide retroactive immunity for telecommunications corporations.[47]

On October 18, 2007, the House Democratic leadership put off a vote on the proposed legislation by the full chamber to avoid consideration of a Republican measure that made specific references to Osama bin Laden. At the same time, the Senate Intelligence Committee reportedly reached a compromise with the White House on a different proposal that would give telephone carriers legal immunity for any role they played in the National Security Agency's domestic eavesdropping program approved by President Bush after the Sep 11 terrorist attacks.[48]

On November 15, 2007, the Senate Judiciary Committee voted 10–9 along party lines to send an alternative measure to the full Senate other than the one the intelligence committee had crafted with the White House. The proposal would leave to the full Senate whether or not to provide retroactive immunity to telecommunications firms that cooperated with the NSA. Judiciary Committee chairman Patrick Leahy said that granting such immunity would give the Bush administration a "blank check" to do what it wants without regard to the law. Arlen Specter of Pennsylvania, the top Republican on the committee, said that court cases may be the only way Congress can learn exactly how far outside the law the administration has gone in eavesdropping in the United States. When the full Senate takes up the bill, Specter is expected to offer a compromise that would shield the companies from financial ruin but allow lawsuits to go forward by having the federal government stand in for the companies at trial.[49][dated info]

On the same day, the House of Representatives voted 227–189 to approve a Democratic bill that would expand court oversight of government surveillance inside the United States while denying immunity to telecom companies. House Judiciary Committee chairman John Conyers left the door open to an immunity deal in the future, but said that the White House must first give Congress access to classified documents specifying what the companies did that requires legal immunity.[50]

In February 2008, the Senate passed the version of the new FISA that would allow telecom companies immunity. On March 13, 2008, the U.S. House of Representatives held a secret session to discuss related information. On March 14, the House voted 213–197 to approve a bill that would not grant telecom immunity – far short of the 2/3 majority required to override a Presidential veto.[51] The Senate and House bills are compared and contrasted in a June 12, 2008 report from the Congressional Research Service.[52]

On March 13, 2008, the House of Representatives held a secret, closed door meeting to debate changes to the FISA bill.[53]

The 2008 amendment of FISA gave telecoms immunity, increased the time allotted for warrantless surveillance, and adds provisions for emergency eavesdropping. On June 20, 2008, the House of Representatives passed the amendment with a vote of 293 to 129.[54][55] It passed in the Senate 69 to 28 on July 9, 2008[56] after a failed attempt to strike Title II from the bill by Senator Dodd.[57] On July 10, 2008, President Bush signed it into law.

^50 USC §1801(b) "“Agent of a foreign power” means--
(2) any person who--
(A) knowingly engages in clandestine intelligence gathering activities for or on behalf of a foreign power, which activities involve or may involve a violation of the criminal statutes of the United States;
(B) pursuant to the direction of an intelligence service or network of a foreign power, knowingly engages in any other clandestine intelligence activities for or on behalf of such foreign power, which activities involve or are about to involve a violation of the criminal statutes of the United States;
(C) knowingly engages in sabotage or international terrorism, or activities that are in preparation therefor, for or on behalf of a foreign power;
(D) knowingly enters the United States under a false or fraudulent identity for or on behalf of a foreign power or, while in the United States, knowingly assumes a false or fraudulent identity for or on behalf of a foreign power; or
(E) knowingly aids or abets any person in the conduct of activities described in subparagraph (A), (B), or (C) or knowingly conspires with any person to engage in activities described in subparagraph (A), (B), or (C)."